WHAT IS CLAIMED IS: 



1 1 . In a networked data processing system comprising one or more host 

2 servers, a switching component, and a data storage component, a storage access method 

3 comprising: 

4 receiving a user-originated request for data storage, the request including a 

5 service policy, the service policy being associated with one or more data storage performance 

6 criteria; 

7 identifying a data store from among a pool of data stores defined in the data 

8 storage component; 

9 identifying a port on the data store by applying a rule to the one or more data 

1 0 storage performance criteria; 

1 1 communicating with a data storage agent to establish a data path within the 

12 data storage component for data communication between the port and the data store, the data 

13 storage agent being one of a plurality of data storage agents that manage portions of the data 

14 storage component; 

1 5 identifying a network path for data communication between a host server that 

16 is identified in the user-originated request and the port; and 

1 7 communicating with a network agent to allocate the network path, the network 

18 agent being one of a plurality of network agents that manage portions of the network storage 

19 component. 

1 2. The method of claim 1 wherein the port the step of applying a rule to 

2 the one or more data storage performance criteria produces a bandwidth metric, wherein the 

3 port is characterized by the bandwidth metric. 

1 3. The method of claim 2 wherein the network path has a bandwidth 

2 metric that is greater than or equal to the bandwidth metric of the port. 

1 4. The method of claim 1 further comprising communicating with a host 

2 agent to allocate resources on the host server that is identified in the user-originated request, 

3 the host agent being one of a plurality of host agents that manage the one or more host servers. 
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1 5. The method of claim 1 wherein the service policy is further associated 

2 with one or more security criteria, wherein the step of identifying a network path includes 

3 applying a second rule to the one or more security criteria to determine one or more security 

4 parameters, wherein the network path is identified based on the one or more security 

5 parameters. 

1 6. A storage service manager comprising a processing component and 

2 computer program code for execution by the processing component, the program code 

3 configured to operate the processing component to perform method steps of: 

4 receiving a user-originated request for data storage, the request including a 

5 service policy, the service policy being associated with one or more data storage performance 

6 criteria; 

7 executing a rule to identify a suitable data store from among a pool of data 

8 stores defined in a data storage component, the rule comprising an evaluation of the one or 

9 more data storage performance criteria, including identifying a port based on the rule; 

10 communicating with a data storage agent to establish a data path within the 

1 1 data storage component for data communication between the port and the data store, the data 

12 storage agent being one of a plurality of data storage agents that manage portions of the data 

13 storage component; 

14 identifying a network path for data communication between a host server that 

15 is identified in the user-originated request and the port; and 

16 communicating with a network agent to allocate the network path, the network 

17 agent being one of a plurality of network agents that manage portions of a network storage 

1 8 component. 

1 7. The storage service manager of claim 6 wherein the port is 

2 characterized by a bandwidth metric that is determined by applying the rule to the one or 

3 more data storage performance criteria. 

1 8. The storage service manager of claim 7 wherein the network path is 

2 characterized by a bandwidth metric that is greater than or equal to the bandwidth metric of 

3 the port. 
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1 9. In a networked data processing system comprising one or more host 

2 servers, a switching component, and a data storage component, a storage access method 

3 comprising: 

4 receiving a user-originated request for data storage, the request including a 

5 service policy, the service policy being associated with one or more data storage performance 

6 criteria and with one or more security criteria; 

7 identifying a data store from among a pool of data stores defined in the data 

8 storage component based on a first rule comprising an evaluation of the one or more data 

9 storage performance criteria; 

1 0 communicating with a data storage agent to establish a data path within the 

1 1 data storage component for data communication between the data store and a port on the data 

12 store, the data storage agent being one of a plurality of data storage agents that manage 

1 3 portions of the data storage component; 

14 identifying a network path for data communication between a host server that 

15 is identified in the user-originated request and the port, based on a second rule comprising an 

16 evaluation of the one the one or more security criteria; and 

17 communicating with a network agent to allocate the network path, the network 

18 agent being one of a plurality of network agents that manage portions of the network storage 

19 component. 

1 10. The method of claim 9 wherein the port is identified based on a 

2 bandwidth metric that is determined by evaluating the first rule. 

1 11. The method of claim 9 wherein an evaluation of the second rule 

2 produces one or more security criteria, wherein the network path is identified based on the 

3 one or more security criteria. 

1 12. The method of claim 9 wherein the port is identified based on a 

2 bandwidth metric that is determined by evaluating the first rule and the network path is 

3 characterized by having a bandwidth metric that is greater than or equal to the bandwidth 

4 metric of the port. 
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1 13. In a networked data processing system comprising one or more host 

2 servers, a switching component, and a data storage component, a storage service manager 

3 comprising a processing component and computer program code for execution by the 

4 processing component, the program code configured to operate the processing component to 

5 perform method steps of: 

6 receiving a user-originated request for data storage, the request including a 

7 service policy, the service policy being associated with one or more data storage performance 

8 criteria and with one or more security criteria; 

9 identifying a data store from among a pool of data stores defined in the data 

10 storage component based on a first rule comprising an evaluation of the one or more data 

1 1 storage performance criteria; 

12 communicating with a data storage agent to establish a data path within the 

13 data storage component for data communication between the data store and a port on the data 

14 store, the data storage agent being one of a plurality of data storage agents that manage 

15 portions of the data storage component; 

16 identifying a network path for data communication between a host server that 

17 is identified in the user-originated request and the port, based on a second rule comprising an 

18 evaluation of the one the one or more security criteria; and 

19 communicating with a network agent to allocate the network path, the network 

20 agent being one of a plurality of network agents that manage portions of the network storage 

2 1 component. 

1 14. The computer program of claim 13 further configured to operate the 

2 processing component to perform a method step of evaluating the second rule to produce at 

3 least one security parameter, wherein the network path is identified based on the at least one 

4 security parameter. 

1 15. The computer program of claim 14 wherein the at least one security 

2 parameter includes one of a port zoning parameter and a WWN (world-wide name) zoning 

3 parameter. 

1 16. The computer program of claim 13 further configured to operate the 

2 processing component to perform a method step of evaluating the first rule to produce a 

3 bandwidth metric, wherein the bandwidth metric is used to identify the port on the data store. 
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1 17. The computer program of claim 16 further configured to operate the 

2 processing component to perform a method step of evaluating the second rule to produce at 

3 least one security parameter, wherein the network path is identified based on the at least one 

4 security parameter. 

1 18. The computer program of claim 17 wherein the at least one security 

2 parameter includes one of a port zoning parameter and a WWN (world-wide name) zoning 

3 parameter. 

1 19. In a networked data processing system comprising one or more host 

2 servers, a switching component, and a data storage component, a storage access method 

3 comprising: 

4 receiving a user-originated request for data storage, the request comprising a 

5 service policy, the service policy being associated with one or more security criteria; 

6 based on some of the one or more security criteria, identifying a data store 

7 from among a pool of data stores managed by the data storage component; 

8 communicating with one or more data agents to allocate the data store; 

9 based on some of the one or more security criteria, identifying a network path 

10 between a host server and the data store, wherein the host server is identified in the user- 

1 1 originated request; and 

12 communicating with one or network agents to configure the switching 

13 component to set up the network path. 

1 20. The method of claim 19 further comprising communicating with a host 

2 agent to configure the host server. 

1 21 . The method of claim 19 wherein the one or more security criteria 

2 include a logical unit number (LUN) masking specification that identifies one or more LUN's 

3 in the pool of data stores. 

1 22. The method of claim 19 wherein the one or more security criteria 

2 include a WWN (world-wide name) zone specification, wherein the network path is 

3 identified based on the WWN zone. 
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1 23. The method of claim 19 wherein the one or more security criteria 

2 include a port zone specification, wherein the network path is identified based on the port 

3 zone. 

1 24. In a networked data processing system comprising one or more host 

2 servers, a switching component, and a data storage component, computer program code 

3 configured to operate a processor to perform steps of: 

4 receiving a user-originated request for data storage, the request comprising a 

5 service policy, the service policy being associated with one or more security criteria; 

6 identifying a data store from among a pool of data stores managed by the data 

7 storage component; 

8 identifying a port on the data store; 

9 communicating with one or more data agents to set up the data store and the 

10 port; 

1 1 identifying a network path between a host server and the port on the data store, 

12 wherein the host server is identified in the user-originated request; and 

1 3 communicating with one or network agents to configure the switching 

14 component to set up the network path, 

15 wherein one or more of the steps of identifying include determining a security 

1 6 parameter from the one or more security criteria and performing the identifying step using the 

1 7 security parameter. 

1 25. The computer program of claim 24 wherein the security parameter is a 

2 LUN masking parameter, wherein the data store is configured in accordance with the LUN 

3 masking parameter. 

1 26. The computer program of claim 24 wherein the security parameter is a 

2 port zoning parameter, wherein the network path is set up in accordance with the port zoning 

3 parameter. 

1 27. The computer program of claim 24 wherein the security parameter is a 

2 WWN zoning parameter, wherein the network path is set up in accordance with the WWN 

3 zoning parameter. 
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